Report

August 2, 2019

AZTEC Protocol

The AZTEC protocol enables users to transact confidentially on the Ethereum Network, notably extending Ethereum's functionality. This report summarizes key AZTEC project details so that readers can better understand its impact on Ethereum.

Overview

The ‘Anonymous Zero-Knowledge Transactions with Efficient Communications’ (‘AZTEC’) protocol enables users to transact confidentially on the Ethereum Network. When transactions are processed on Ethereum, anyone can see the sender’s and recipient’s public Ethereum addresses and the amount being sent. In AZTEC’s view, Ethereum’s lack of transactional privacy is a barrier to the blockchain’s ability to support ‘programmable money’ (smart contracts) suitable for finance applications, because mainstream finance requires privacy in financial transactions as a prerequisite. AZTEC’s success would mean that any generic asset (DAI, BAT, REP, etc.) issued on a public blockchain could be transacted confidentially, and developers could build AZTEC-integrating dApps more suitable for mainstream financial use.

Protocol Details

Transactions using AZTEC are confidential by default: the protocol encrypts the transaction’s inputs and outputs through a series of zero-knowledge proofs and homomorphic encryption, but the transaction’s parties (i.e. addresses) remain public. However, the protocol is compatible with stealth addresses and trusted third-party relays (which obscure user address and gas payment information, respectively). With them, AZTEC offers a significant degree of privacy for a class of assets that are otherwise not private.

AZTEC requires a common trusted setup, similar to that used by Zcash, a decision intended to reduce the cost of the range proofs that combat double-spending and to enable interoperability between dApps that interact with zero-knowledge proofs. A single smart contract, ‘ACE’ (AZTEC Cryptography Engine), manages all AZTEC assets: ACE delegates proof validation to specific validation contracts and, when proofs are successfully validated, processes state update instructions inside note registries. Note registries are similar to the balance registries used by public blockchains, except that some information, such as how much value is held by a note, is unavailable to observers, while other information, such as note ownership, is made public. The AZTEC team claims to have developed a method for performing the trusted setup via multiparty computation, which is intended to obviate user dependence on the internal team. (Details are forthcoming.)

Figure One. AZTEC Architecture

AZTEC uses a UTXO model similar to Bitcoin’s. AZTEC uses ‘notes’ instead of balances, with each note encrypting a number representing a value (i.e. a number of ERC-20 tokens). Notes have owners, with ownership defined by an Ethereum address, and the owner must provide a valid ECDSA signature for the note to be spent: the protocol’s smart contract validator, AZTEC.sol, validates a unique zero-knowledge proof that determines the legitimacy of a transaction. A Note Registry manages a note’s state: registries can contain multiple notes, and each generic digital asset (ERC-20 standard) that utilizes the AZTEC protocol will have its own unique note registry. Notably, the AZTEC protocol can enable existing assets, such as DAI that has already been deployed, to be converted into notes, and it allows users to issue notes worth nothing at all, which can better enable privacy.
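The note model described above, as an added sketch that is not AZTEC's code: a registry spends notes into new notes and checks the hidden values homomorphically. It substitutes a toy Pedersen-style commitment for AZTEC's actual commitment scheme and an owner-name comparison for the ECDSA signature, and it omits the zero-knowledge and range proofs; `NoteRegistry`, `commit`, `balances` and all parameters are hypothetical.

```python
# Toy parameters (constructed): order-Q subgroup of Z_P^*, with P = 2Q + 1.
# Far too small for real use; log_G(H) is also known here, so binding does not hold.
P, Q = 2039, 1019
G, H = 4, 9  # both are squares mod P, so both have order Q


def commit(value, blind):
    """Pedersen-style commitment G^value * H^blind mod P (hides value)."""
    return pow(G, value % Q, P) * pow(H, blind % Q, P) % P


def balances(inputs, outputs):
    """Homomorphic check: product of inputs equals product of outputs."""
    lhs = rhs = 1
    for c in inputs:
        lhs = lhs * c % P
    for c in outputs:
        rhs = rhs * c % P
    return lhs == rhs


class NoteRegistry:
    """Hypothetical registry: note commitment -> owner (public); values hidden."""

    def __init__(self):
        self.unspent = {}

    def mint(self, owner, note):
        self.unspent[note] = owner

    def join_split(self, sender, inputs, outputs):
        """Spend `inputs` (commitments) into `outputs` [(owner, commitment)]."""
        if len(set(inputs)) != len(inputs):
            return False  # same note listed twice in one transaction
        # Owner comparison stands in for verifying the owner's ECDSA signature.
        if any(c not in self.unspent or self.unspent[c] != sender for c in inputs):
            return False  # unknown, already spent, or owned by someone else
        if not balances(inputs, [c for _, c in outputs]):
            return False  # hidden values and blinding factors do not balance
        for c in inputs:
            del self.unspent[c]
        self.unspent.update({c: owner for owner, c in outputs})
        return True


def wraparound_passes_balance_check():
    """10 in, 11 and Q-1 out: sums match mod Q, so only a range proof catches it."""
    return balances([commit(10, 77)], [commit(11, 50), commit(Q - 1, 27)])
```

`wraparound_passes_balance_check()` returns `True`: the balance equation alone accepts an output whose value wraps around the group order, which is the gap the protocol's range proofs close.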

The total computational cost of an AZTEC-enabled confidential join-split transaction was measured at ~840,000 gas (~$3.65 or 0.0168 ETH at 20 gwei, ~$0.182 or 0.0008 ETH at 1 gwei), as of December 2018. AZTEC estimates that Ethereum’s planned Elliptic Curve Improvements will reduce those costs to 200,000-300,000 gas (~$0.087 or 0.004 ETH at 20 gwei, ~$0.043 or 0.0002 ETH at 1 gwei). Besides join-split functionality, AZTEC provides dApp developers with tools for performing bilateral swaps, dividend proofs, AZTEC note minting, AZTEC note burning, and private/public range proofs.

Team

The AZTEC Protocol is designed by a highly technical team. Zac Williamson (CTO), the creator of the AZTEC protocol, holds a Ph.D. in particle physics from Oxford, and is a former physicist at CERN and T2K Japan. Oana Ciobotaru, the project’s lead cryptographer, has a Ph.D. in computer science from the Max Planck Institute for Informatics, and was previously part of ConsenSys’ PegaSys team. Thomas Pocock (CEO) worked at Park Square Capital, a European debt fund, and holds a master's in mathematics. AZTEC raised $2.1 million in a seed funding round conducted by ConsenSys Labs; the project did not conduct a token sale.